How storage can help fight malware [Q&A]
We tend to think of storage as being a target when it comes to malware attacks with cyber criminals seeking to steal data or encrypt it to demand a ransom. But in fact technology can make storage part of the solution.
Hybrid storage specialist Reduxio believes innovative storage can be used to fight and defeat ransomware and malware. We spoke to Reduxio's Jacob Cherian (VP of product strategy) and Mike Grandinetti (chief marketing and corporate strategy officer) to find out how.
BN: How much of an impact can ransomware have on a business?
MG: Ransomware is a top concern for businesses these days, given that it has become the largest cybersecurity threat. In fact, every day about 4000 companies are under threat of attack -- an increase of 300 percent compared to 2015 figures. More than $200 million has been paid to ransomware hackers in the first quarter of 2016 alone.
Businesses are seeing a new reality, where it is not a matter of if a ransomware attack will occur, but when it will occur.
Businesses can take all the necessary precautions and utilize the bevy of cybersecurity tools available, but in the end, something like ransomware will eventually find its target. If businesses do not have a strong recovery strategy and solutions in place to get operations back to normal, a ransomware incident can easily cost them a significant amount of time and money. That isn't taking into consideration the cost from lost productivity and downtime when it's taking businesses a minimum of days or longer to recover at a potential cost of hundreds of thousands of dollars per hour.
BN: What can storage do to combat the problem?
JC: One of the best approaches for businesses to combat a ransomware demand is by having a primary storage system in place that allows the user to go back to the last backup before an attack and clear its data of any damage caused by the attack, via native snapshot capabilities which are scheduled "images" of data.
The problem with many types of storage now -- legacy storage -- is that it's slow and cumbersome and snapshots are only taken periodically. Relying on intermittent snapshots would mean losing hours or perhaps days of critical data at the minimum.
However, not all storage systems on the market are made equal, with some having better recovery capabilities than others. The storage solutions that will be the most effective in combating ransomware and other cybersecurity attacks are those that use innovative features and capabilities.
Reduxio's storage system, for example, foregoes snapshots. We've invented a capability called BackDating, which essentially provides businesses a "time machine" allowing them to go back in time to precisely the second before the attack. With BackDating, a sysadmin can choose any time in the past with one second of granularity and either create an independent clone or revert the original data volume to that exact point in time -- allowing them to recover their data to right before the attack as if it never happened. Sysadmins can take advantage of this BackDating capability by selecting a specific second in time to "scroll back" the system.
There are many approaches to combating ransomware, but the most effective approach in dealing with it and other cyber threats would be to pair the best cyber protection tools with the most innovative storage solutions for quick recovery.
BN: How quickly can compromised data be recovered?
MG: How quickly you recover will ultimately depend on the storage solutions you have in place and the capabilities that they have. Businesses that are relying on snapshots and legacy storage systems may find themselves spending hours if not days recovering their data or restoring backups.
When the Barnstable Police Department, one of the largest PDs in the State of Massachusetts with 130 employees, was hit by a ransomware attack recently it would have spent a minimum of 36 hours getting its computers and systems back up and running if it relied legacy storage based on prior experiences. That amount of downtime would be difficult for any organization to handle, and even more so for the Barnstable PD given that it is a 24/7 local government institution responsible to protecting their community of 150,000 citizens.
Fortunately for the Barnstable PD, it had deployed Reduxio's storage systems in the weeks before the attack. From the moment of the ransomware attack to the full recovery -- and without ransomware paid or data loss -- Barnstable PD was able to get its mission critical systems and data up and running in a matter of 35 minutes.
BN: Won't this require a major and costly change to storage infrastructure?
JC: We believe that storage tiering is a great way to balance high performance and cost efficiency. Understandably so, few organizations have the need -- or the money -- to run all of their workloads on SSD, so regardless of its improving economics, SSD will continue to share the stage with spinning disk.
Some storage systems can be up and running extremely quickly -- Reduxio's can be working in a matter of 15 minutes after unboxing. Setup procedures are simple, requiring basic information entry such as IP addresses on several start-up screens, and taking less than five minutes. Furthermore, it isn’t a major or costly change when a new system like ours, which offers offer flash performance at disk-based pricing, can be managed by existing IT professionals.
Lastly, it's important to note that in today's age of growing ransomware threats, having storage technology that can backdate to the second before an attack occurs saves the SMB time and resources to recover files. In the end, being susceptible to indiscriminate ransomware attacks and paying ransom will cost businesses far more in the long run.
Image Credit: Oleksiy Mark / Shutterstock